[squid-users] Issue with Citrix sessions and squid

Amos Jeffries squid3 at treenet.co.nz
Wed Jul 8 21:26:37 UTC 2015


On 9/07/2015 7:01 a.m., David Touzeau wrote:
> Thanks Yuri,
> 
> Any tips how to increase TCP/IP stack ?
> Did you means TCP/IP stack on the Citrix Server side or on the squid
> box  or both ?

I'm thinking its a problem related to TCP sockets.
A rough estimate calculatino of:
 10 users x10 tabs x20 avg domains per page x 2 for happy eyeballs
makes it somewhere up to 4k sockets in active use at any time. if the
users are accessing domains with larger numbers ofdomains per page (ie
Facebook has up to 100) that could be 20k concurrent sockets just from
the browser.
 By the time that goes through Squid it becomes 40k, and if you have
ICAP it becomes "up to 80K" (out of an available 64k sockets).

Then there is all the OS background services that use HTTP through the
proxy, etc.

Without Citrix the users internal src-IPs vary. Making available a 64k
sockets per-user. Which is harder to reach, and the browser silently
limits itself when socekts start to run out.

Without Squid the Citrix connections are going to N different domains
with varying dst-IP. Which again raises the available port numbers per-user.


If the assumptino behind the above is right you should be able to
alleviate the problem by having Squid listen on multiple ports and/or
IPs. Then spreading the client connections out across those Squid ports.

Amos


More information about the squid-users mailing list